Russia-linked Turla APT group continues its cyber espionage campaigns shifting towards more generic tools to remain under the radar. Turla is the name of a Russian cyber espionage group (also known as Waterbug, Venomous Bear and KRYPTON) Turla has been active since at least 2007 targeting government organizations and private businesses. The group is packaging its macOS backdoor with a real Adobe Flash installer and downloading the malware on victim systems from endpoint systems that use a remote IP belonging to Akamai, the Content Delivery Network that is also used by Adobe for its supply chain.”]
Source: https://securityaffairs.co/wordpress/72819/hacking/turla-apt-metasploit.html